WinRAR fixes a two-decade old vulnerability that had put 500 million users at risk | HT Tech

WinRAR fixes a two-decade old vulnerability that had put 500 million users at risk

WinRAR has fixed a security vulnerability that had put its 500 million users around the world at risk.

| Updated on: Feb 22 2019, 17:10 IST
Researchers extract a 19 year old code from WinRAR
Researchers extract a 19 year old code from WinRAR (Getty Images/iStockphoto)

Researchers have discovered a critical 19-year-old vulnerability in WinRAR, a popular file archiving Windows application that is used for compressing and decompressing large files. The security vulnerability, which has been fixed now, allowed hackers to target devices by just extracting an archive, putting more than 500 million users at risk.

Researchers at Check Point Software Technologies, who discovered the vulnerability, explained that WinRAR was using a dated dynamic link library (dll) which was last updated in 2006. The dll did not have modern protection mechanisms such as ASLR and DEP which provide system-level security against hackers.

You may be interested in

MobilesTablets Laptops
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

"A few months ago, our team built a multi-processor fuzzing lab and started to fuzz binaries for Windows environments using the WinAFL fuzzer. After the good results we got from our Adobe Research, we decided to expand our fuzzing efforts and started to fuzz WinRAR too," wrote Nadav Grossman in a blog post.

Also read
Looking for a smartphone? To check mobile finder click here.

Researchers discovered critical issue in the ACE archive format which had no protection mechanism at all and hackers didn't even need to bypass it.

ALSO READ: Formjacking explained: How hackers target online shoppers, virtually skim card details

"We turned our focus and fuzzer to this "low hanging fruit" dll, and looked for a memory corruption bug that would hopefully lead to Remote Code Execution. However, the fuzzer produced a test case with "weird" behavior. After researching this behavior, we found a logical bug: Absolute Path Traversal. From this point on it was simple to leverage this vulnerability to a remote code execution," he added.

WinRAR said it was dropping the guilty ACE format altogether with its new update.

"WinRAR used this third party library to unpack ACE archives. UNACEV2.DLL had not been updated since 2005 and we do not have access to its source code. So we decided to drop ACE archive format support to protect security of WinRAR users. We are thankful to Check Point Software Technologies for reporting this issue," the company said in a blog post.


Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 22 Feb, 17:09 IST